Google Authenticator

Google Authenticator is open source software, currently licensed under the Apache 2.0 license. It is an excellent supplement to a working RSA model for additional security measures.

ghorr no longer recommends using the Google Authenticator Android app because the application is no longer fully open source. andOTP is now recommended which currently is open source.
________________________________________________________________________________________________________________________________________________________

Setting up Google Authenticator

Installing Google Authenticator

You can easily install google-authenticator-libpam-hg from AUR using yaourt:

yaourt -S google-authenticator-libpam-git

Adjusting the SSHD and PAM configuration files

Open /etc/ssh/sshd_config with your favorie text editor and make sure that ChallengeResponseAuthentication is set to yes.

Next you have to edit /etc/pam.d/sshd. We are only interested in the lines starting with auth.

If you want to have to enter both your regular password and a one-time password to login, change the configuration like this: